George's status report - #4 of 16

[George Chatzisofroniou <sophron () latthi com>]

Hi everyone,

This my fourth report for this summer.

Accomplishments:

* Finished http-stored-xss.
  - Fixed various mistakes.
  - Optimized.
  - Added description and documentation.
  - Added an option to use your own XSS vectors.
  - Tested it against a simple PHP implementation i developed.
  - Sent it to the list along with my thoughts about the XSS area of NSE.

* Finished http-xssed.
  - This script searches the xssed.com database and outputs the result.
  - Performed some tests. Seems to work good.

* Improvements to httpspider
  - To make http-stored-xss work, i had to to turn off http caching.
  - Created a branch called 'extended-httpspider', for all the improvements i'm
    planning to do.

* Studied about my next scripts.

* Finished most of my exams.

Priorities:

* Keep making improvements to httpspider.
* Post http-xssed to this->list for feedback.
* See if i can make any improvements to whois.nse. [1]
* Linode has a few services that allow you to SSH remote to a virtual terminal
  for your VPS. I'll see if there is a way to automate finding it. [1]

I'm also finishing my exams in a couple of days.

[1]: Patrick said it's ok to work on different areas of NSE (other than HTTP) and
I would like to do it that way, so i can have a nice overview of NSE after the
summer.

Cheers,

-- 
George Chatzisofroniou
http://sophron.latthi.com

Attachment: signature.asc
Description: Digital signature

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/